The Federal Bureau of Investigation (FBI) is releasing this FLASH to disseminate indicators of compromise (IOCs) associated with malicious cyber activities linked to Funnull Technology Inc. (Funnull).
Funnull is a Philippines-based company which provides computer infrastructure for thousands of websites associated with cryptocurrency investment fraud (CIF) scams, commonly referred to as “pig butchering,” and other illicit activities. During CIF scams, perpetrators pose as potential romantic partners or friends to gain victims’ trust, who are then convinced to invest in virtual currency. The perpetrators direct their victims to deposit money into what appear to be legitimate investment platforms, such as websites or applications. Ultimately, money sent to these platforms is not invested, and instead goes directly to the scammers. Funnull facilitates these scams by purchasing IP addresses and providing hosting services and other internet infrastructure to groups performing these frauds.
Read more…
Source: U.S. Federal Bureau of Investigation Cyber Division
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Hackers attack UK water supplier but extort wrong company
August 16, 2022
South Staffordshire Water, a company supplying 330 million liters of drinking water to 1.6 consumers daily, has issued a statement confirming IT disruption from a cyberattack. As the announcement explains, the safety and water distribution systems are still operational, so the disruption of the IT systems doesn’t impact the supply of safe water to its customers ...
- 1,900 Signal users exposed: Twilio attacker ‘explicitly’ looked for certain numbers
August 16, 2022
The security breach at Twilio earlier this month affected at least one high-value customer, Signal, and led to the exposure of the phone number and SMS registration codes for 1,900 users of the encrypted messaging service, it confirmed. However, Signal – considered one of the better secured of all the encrypted messaging apps – claims the ...
- Three vulnerabilities in HDF5 file format could lead to remote code execution
August 16, 2022
Cisco Talos recently discovered three vulnerabilities in a library that works with the HDF5 file format that could allow an attacker to execute remote code on a targeted device. These issues arise in the libhdf5 gif2h5 tool that’s normally used to convert a GIF file to the HDF5 format, commonly used to store large amounts of ...
- Two more malicious Python packages in the PyPI
August 16, 2022
On August 8, CheckPoint published a report on ten malicious Python packages in the Python Package Index (PyPI), the most popular Python repository among software developers. The malicious packages were intended to steal developers’ personal data and credentials. Following this research, Kaspersky used their internal automated system for monitoring open-source repositories and discovered two other malicious ...
- Threat in your browser: what dangers innocent-looking extensions hold for users
August 16, 2022
Whether you want to block ads, keep a to-do list or check your spelling, browser extensions allow you to do all of the above and more, improving convenience, productivity and efficiency for free, which is why they are so popular. Chrome, Safari, Mozilla — these and many other major Web browsers — have their own ...
- RTLS systems vulnerable to MiTM attacks, location manipulation
August 16, 2022
Security researchers have uncovered multiple vulnerabilities impacting UWB (ultra-wideband) RTLS (real-time locating systems), enabling threat actors to conduct man-in-the-middle attacks and manipulate tag geo-location data. RTLS technology is widely used in industrial environments, mass transit, healthcare, and smart city applications. Its primary role is to assist in safety by defining geofencing zones using tracking tags, signal ...